Elementor · Elementor Website Builder · CVE-2022-29455
**Name of the Vulnerable Software and Affected Versions**
Elementor Website Builder plugin versions prior to 3.5.6
**Description**
The issue stems from insufficient sanitization of user-controllable input before it is written into the page's DOM, allowing a remote attacker to perform cross-site scripting. This is a DOM-based Reflected Cross-Site Scripting (XSS) vulnerability. It is estimated that over 6.5 million websites are potentially affected. The vulnerability can be exploited by manipulating the `settings` parameter in the `/wp-content/plugins/elementor/assets/js/frontend.min.js` endpoint, specifically by supplying an `elementor-action` with `action=lightbox` and crafted `settings` that inject malicious scripts.
**Recommendations**
Update the Elementor Website Builder plugin to version 3.5.6 or later (any version newer than 3.5.5) to resolve the issue. As a temporary workaround, consider restricting access to the `/wp-content/plugins/elementor/assets/js/frontend.min.js` endpoint until the patch is applied, and avoid using the `settings` parameter in the affected endpoint until the issue is resolved.
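The defensive pattern that closes this class of bug, as an added illustration that is not Elementor's code: the `elementor-action` string is parsed against an allowlist of actions, `settings` is validated field by field against an expected schema, and every value is HTML-escaped before it is turned into markup. The base64-JSON encoding of `settings`, the key names `type`/`url`/`title` and the `renderCaption` helper are assumptions made for the example.

```javascript
// Added illustration, not Elementor's code: hardened handling of an
// "elementor-action" fragment of the assumed form
//   elementor-action:action=lightbox&settings=<base64-encoded JSON>
// Action allowlist, settings keys and the base64-JSON encoding are assumptions.
const ALLOWED_ACTIONS = new Set(['lightbox']);

// Each accepted settings key must pass its validator; anything else is rejected.
const LIGHTBOX_SCHEMA = {
  type: (v) => v === 'image' || v === 'video',
  url: (v) => typeof v === 'string' && /^https:\/\/[^\s]+$/.test(v),
  title: (v) => typeof v === 'string' && v.length <= 200,
};

// Escape the five HTML metacharacters so values render as text, not markup.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Parse and validate the fragment. Returns null on anything unexpected so
// that untrusted data never reaches DOM insertion.
function parseAction(fragment) {
  const prefix = 'elementor-action:';
  if (typeof fragment !== 'string' || !fragment.startsWith(prefix)) return null;
  const params = new URLSearchParams(fragment.slice(prefix.length));
  const action = params.get('action');
  if (!ALLOWED_ACTIONS.has(action)) return null;
  let raw;
  try {
    raw = JSON.parse(Buffer.from(params.get('settings') || '', 'base64').toString('utf8'));
  } catch {
    return null; // malformed base64 or JSON
  }
  if (raw === null || typeof raw !== 'object' || Array.isArray(raw)) return null;
  const settings = {};
  for (const [key, check] of Object.entries(LIGHTBOX_SCHEMA)) {
    if (!(key in raw)) continue;
    if (!check(raw[key])) return null; // reject rather than silently "clean"
    settings[key] = raw[key];
  }
  if (!settings.url) return null; // a lightbox without a target is meaningless
  return { action, settings };
}

// Build the caption markup with every value escaped; a title that contains
// tags is displayed literally instead of being parsed as elements.
function renderCaption(parsed) {
  return `<figcaption>${escapeHtml(parsed.settings.title || '')}</figcaption>`;
}
```

Unknown keys are dropped and any field that fails its validator rejects the whole action, so the page falls back to doing nothing rather than rendering partially trusted data.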